UMMC

Main Content

HIPAA Breach Notice

The University of Mississippi Medical Center (UMMC) has become aware of a breach of patient personal health information affecting certain individual patients.

Federal and state law require health-care institutions to notify patients potentially affected by such incidents. Although the identities of the affected patients are known, individual notifications are not possible in this case due to insufficient contact information for those who are affected.

It was reported to UMMC’s Office of Integrity and Compliance (OIC) that information regarding certain patients was accessed and taken from UMMC during June 2016 by former UMMC employees to use the information to establish records and contact patients at a new non-UMMC clinic.

The demographic and encounter information involved includes, but is not limited to the following items: Full name, full address including city, state, zip, county, phone numbers, email, date of birth, medical record number, social security number, age, gender, race, emergency contact name(s) with relation and phone numbers, guarantor name and guarantor address, employer name, insurance payer/group with contact information and effective dates, subscriber name and date of birth, member ID, appointment information, Primary Care Provider (PCP) contact information and location, dates of service, reason(s) for visit and diagnoses, patient histories (such as medical, surgical, socioeconomic, family, oncology and visit), problem list, allergies, vitals including height and weight, encounter type and clinical documentation, medications, infusion method(s), diet, lab and radiological results, assessments and plans, patient/family education and instructions, care team and communications/notes, orders, survivorship, pharmacy, and health maintenance items.

Patient privacy is a high priority for our organization and our employees receive a significant amount of information and training about the importance of patient privacy. UMMC is pursuing legal action related to the activities carried out by the former employees. To date, we are not aware that any personal information has been used for identity theft or financial credit fraud.

Individuals who believe they may be affected or have general questions about this occurrence can contact UMMC using the information below. UMMC representatives will do all they can to assist concerned individuals in working through this process.

  • Call: 855-241-2575;
  • Email to:  HIPAAPRIVACY@umc.edu ; or
  • Write to: University of Mississippi Medical Center, 2500 N State Street,  Attn: Office of Integrity and Compliance, Jackson, MS 39216